#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <kojima.masahisa@socionext.com> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
97707f12 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Support boot measurements Add TPM2 functions to support boot measurement. This includes starting up the TPM, initializing/appending the event log, and measuring the U-Boot version. Much of the code was used in the EFI subsystem, so remove it there and use the common functions. Signed-off-by: Eddie James <eajames@linux.ibm.com> For the API moving around from EFI -> u-boot core Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> For EFI testing Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
73f40716 |
|
24-Oct-2023 |
Eddie James <eajames@linux.ibm.com> |
tpm: Fix spelling for tpmu_ha union tmpu -> tpmu Signed-off-by: Eddie James <eajames@linux.ibm.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
a595be3a |
|
24-Jan-2023 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: add a function that performs selftest + startup As described in [0] if a command requires use of an untested algorithm or functional module, the TPM performs the test and then completes the command actions. Since we don't check for TPM_RC_NEEDS_TEST (which is the return code of the TPM in that case) and even if we would, it would complicate our TPM code for no apparent reason, add a wrapper function that performs both the selftest and the startup sequence of the TPM. It's worth noting that this is implemented on TPMv2.0. The code for 1.2 would look similar, but I don't have a device available to test. [0] https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf §12.3 Self-test modes Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
aa2d3945 |
|
16-Feb-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
efi_loader: Measure the loaded DTB Measures the DTB passed to the EFI application upon new boolean config switch CONFIG_EFI_TCG2_PROTOCOL_MEASURE_DTB. For platforms where the content of the DTB passed to the OS can change across reboots, there is not point measuring it hence the config switch to allow platform to not embed this feature. Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5208ed18 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Allow committing non-volatile data Add an option to tell the TPM to commit non-volatile data immediately it is changed, rather than waiting until later. This is needed in some situations, since if the device reboots it may not write the data. Add definitions for the rest of the Cr50 commands while we are here. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
4c57ec76 |
|
30-Aug-2022 |
Simon Glass <sjg@chromium.org> |
tpm: Implement state command for Cr50 Add a vendor-specific TPM2 command for this and implement it for Cr50. Note: This is not part of the TPM spec, but is a Cr50 extension. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
185f812c |
|
19-Jan-2022 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2957a1e2 |
|
29-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
tpm: use more algorithms than sha256 on pcr_read The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
2c9626c4 |
|
09-Nov-2021 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm2: Introduce TIS tpm core There's a lot of code duplication in U-Boot right now. All the TPM TIS compatible drivers we have at the moment have their own copy of a TIS implementation. So let's create a common layer which implements the core TIS functions. Any driver added from now own, which is compatible with the TIS spec, will only have to provide the underlying bus communication mechanisms. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
7fc93cae |
|
04-Nov-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand required in the TCG PC Client PFP spec. SubmitCommand enables to send the raw command to the TPM device. To implement this api, tpm2_submit_command() is added into tpm-v2.c. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8fc4e0b4 |
|
13-Aug-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add boot variable measurement TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
d8f105dd |
|
18-Jul-2021 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Support nvdata in TPM2 Add support for this feature in the TPM2 emulator, to support Chromium OS vboot. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
163a0d7e |
|
25-May-2021 |
Masahisa Kojima <masahisa.kojima@linaro.org> |
efi_loader: add PE/COFF image measurement "TCG PC Client Platform Firmware Profile Specification" requires to measure every attempt to load and execute a OS Loader(a UEFI application) into PCR[4]. This commit adds the PE/COFF image measurement, extends PCR, and appends measurement into Event Log. Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> Replace CONFIG_HASH_CALCULATE by CONFIG_HASH Fix conversions between pointers and u64. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
5b700cdc |
|
20-Apr-2021 |
Heinrich Schuchardt <xypron.glpk@gmx.de> |
tpm: missing event types Add a reference for the TPM event types and provide missing constants. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
63af92e8 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Allow disabling platform hierarchy with TPM2 With TPM2 we don't actually lock the TPM once verified boot is finished. Instead we disable the platform hierarchy which serves the same purpose. Add an implementation of this so we can safely boot into the kernel. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
7785bc1d |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for write_lock Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
6719cbe3 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add TPM2 support for read/write values Implement this API function for TPM2. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
eadcbc78 |
|
06-Feb-2021 |
Simon Glass <sjg@chromium.org> |
tpm: Add an implementation of define_space Add support for this so that the TPM can be set up for use with Chromium OS verified boot. Signed-off-by: Simon Glass <sjg@chromium.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
401d1c4f |
|
30-Oct-2020 |
Simon Glass <sjg@chromium.org> |
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
8e0b0871 |
|
30-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add tpm2 headers for TCG2 eventlog support A following patch introduces support for the EFI_TCG2_PROTOCOL eventlog management. Introduce the necessary tpm related headers Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
|
#
e926136b |
|
26-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: use more than sha256 on pcr_extend The current tpm2_pcr_extend is hardcoded using SHA256. Let's make the actual command to the TPM2 configurable so we can support a wider range of algorithms and keep the current command line as-is i.e limited to SHA256 only Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
915e3ae5 |
|
11-Nov-2020 |
Ilias Apalodimas <ilias.apalodimas@linaro.org> |
tpm: Add some headers from the spec A following patch introduces EFI_TCG2_PROTOCOL. Add the required TPMv2 headers to support it. Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
06bea498 |
|
04-Jun-2020 |
Dhananjay Phadke <dphadke@linux.microsoft.com> |
tpm: add TPM2_GetRandom command support Add support for TPM2 GetRandom command Signed-off-by: Dhananjay Phadke <dphadke@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
1400a7f3 |
|
06-Feb-2020 |
Simon Glass <sjg@chromium.org> |
tpm: Add more TPM2 definitions Add definitions for access and status. Need to drop the mixed case. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
be8a025e |
|
23-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Add non-volatile index attributes needed for v2 Version-2 TPMs support attributes for nvdata. Add definitions to the header file so that clients can use it. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
abdc7b8a |
|
18-Nov-2018 |
Simon Glass <sjg@chromium.org> |
tpm: Convert to use a device parameter At present many TPM calls assume there is only one TPM in the system and look up this TPM themselves. This is inconsistent with driver model, which expects all driver methods to have a device parameter. Update the code to correct this. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
998af319 |
|
01-Oct-2018 |
Simon Glass <sjg@chromium.org> |
sandbox: tpm: Tidy up enums and return values Use an enum for command values instead of open-coding them. This removes the need for comments. Also make sure the driver returns proper error numbers instead of -1. Signed-off-by: Simon Glass <sjg@chromium.org>
|
#
b9dd4fab |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add PCR authentication commands support Add support for the TPM2_PCR_SetAuthPolicy and TPM2_PCR_SetAuthValue commands. Change the command file and the help accordingly. Note: These commands could not be tested because the TPMs available do not support them, however they could be useful for someone else. The user is warned by the command help. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
dc26e913 |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add TPM2_HierarchyChangeAuth command support Add support for the TPM2_HierarchyChangeAuth command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
da9c3392 |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add dictionary attack mitigation commands support Add support for the TPM2_DictionaryAttackParameters and TPM2_DictionaryAttackLockReset commands. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
69cd8f06 |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add TPM2_GetCapability command support Add support for the TPM2_GetCapability command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
1c4ea8f4 |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add TPM2_PCR_Read command support Add support for the TPM2_PCR_Read command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
6284be5a |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add TPM2_PCR_Extend command support Add support for the TPM2_PCR_Extend command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
bad8ff56 |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add TPM2_Clear command support Add support for the TPM2_Clear command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
2dc6d97e |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add TPM2_SelfTest command support Add support for the TPM2_Selftest command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
1922df20 |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: add TPM2_Startup command support Add support for the TPM2_Startup command. Change the command file and the help accordingly. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|
#
ff32245b |
|
15-May-2018 |
Miquel Raynal <miquel.raynal@bootlin.com> |
tpm: prepare support for TPMv2.x commands Choice between v1 and v2 compliant functions is done with the configuration. Create the various files that will receive TPMv2-only code on the same scheme as for the TPMv1 code. Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Tom Rini <trini@konsulko.com>
|